Fix service check common auth

xorkevin · Apr 23, 2023 · b3533cd · b3533cd
1 parent 58effe6
commit b3533cd
Show file tree

Hide file tree

Showing 4 changed files with 21 additions and 16 deletions.
diff --git a/service/events/nats.go b/service/events/nats.go
@@ -25,7 +25,6 @@ type (
 	NatsService struct {
 		lc         *lifecycle.Lifecycle[natsClient]
 		clientname string
-		auth       natsauth
 		addr       string
 		config     governor.SecretReader
 		log        *klog.LevelLogger
@@ -145,7 +144,7 @@ func (s *NatsService) handleGetClient(ctx context.Context, m *lifecycle.Manager[
 		if secret.Password == "" {
 			return client, kerrors.WithKind(nil, governor.ErrInvalidConfig, "Empty auth")
 		}
-		if secret == s.auth {
+		if secret == client.auth {
 			return client, nil
 		}
 	}

diff --git a/service/kvstore/kvstore.go b/service/kvstore/kvstore.go
@@ -73,7 +73,7 @@ type (
 
 	kvstoreClient struct {
 		client *redis.Client
-		auth   secretAuth
+		auth   redisauth
 	}
 
 	Service struct {
@@ -232,12 +232,14 @@ func (s *Service) handlePing(ctx context.Context, m *lifecycle.Manager[kvstoreCl
 	if s.hbfailed < s.hbmaxfail {
 		s.log.WarnErr(ctx, kerrors.WithMsg(err, "Failed to ping kvstore"),
 			klog.AString("addr", s.addr),
+			klog.AString("username", client.auth.Username),
 			klog.AString("dbname", strconv.Itoa(s.dbname)),
 		)
 		return
 	}
 	s.log.Err(ctx, kerrors.WithMsg(err, "Failed max pings to kvstore"),
 		klog.AString("addr", s.addr),
+		klog.AString("username", client.auth.Username),
 		klog.AString("dbname", strconv.Itoa(s.dbname)),
 	)
 
@@ -251,35 +253,38 @@ func (s *Service) handlePing(ctx context.Context, m *lifecycle.Manager[kvstoreCl
 }
 
 type (
-	secretAuth struct {
+	redisauth struct {
+		Username string `mapstructure:"username"`
 		Password string `mapstructure:"password"`
 	}
 )
 
 func (s *Service) handleGetClient(ctx context.Context, m *lifecycle.Manager[kvstoreClient]) (*kvstoreClient, error) {
-	var secret secretAuth
+	var auth redisauth
 	{
 		client := m.Load(ctx)
-		if err := s.config.GetSecret(ctx, "auth", 0, &secret); err != nil {
+		if err := s.config.GetSecret(ctx, "auth", 0, &auth); err != nil {
 			return client, kerrors.WithMsg(err, "Invalid secret")
 		}
-		if secret.Password == "" {
+		if auth.Username == "" {
 			return client, kerrors.WithKind(nil, governor.ErrInvalidConfig, "Empty auth")
 		}
-		if client != nil && secret == client.auth {
+		if client != nil && auth == client.auth {
 			return client, nil
 		}
 	}
 
 	kvClient := redis.NewClient(&redis.Options{
 		Addr:     s.addr,
-		Password: secret.Password,
+		Username: auth.Username,
+		Password: auth.Password,
 		DB:       s.dbname,
 	})
 	if _, err := kvClient.Ping(ctx).Result(); err != nil {
 		if err := kvClient.Close(); err != nil {
 			s.log.Err(ctx, kerrors.WithKind(err, ErrConn, "Failed to close db after failed initial ping"),
 				klog.AString("addr", s.addr),
+				klog.AString("username", auth.Username),
 				klog.AString("dbname", strconv.Itoa(s.dbname)),
 			)
 		}
@@ -291,12 +296,13 @@ func (s *Service) handleGetClient(ctx context.Context, m *lifecycle.Manager[kvst
 
 	s.log.Info(ctx, "Established connection to kvstore",
 		klog.AString("addr", s.addr),
+		klog.AString("username", auth.Username),
 		klog.AString("dbname", strconv.Itoa(s.dbname)),
 	)
 
 	client := &kvstoreClient{
 		client: kvClient,
-		auth:   secret,
+		auth:   auth,
 	}
 	m.Store(client)
 
@@ -308,11 +314,13 @@ func (s *Service) closeClient(ctx context.Context, client *kvstoreClient) {
 		if err := client.client.Close(); err != nil {
 			s.log.Err(ctx, kerrors.WithMsg(err, "Failed to close kvstore connection"),
 				klog.AString("addr", s.addr),
+				klog.AString("username", client.auth.Username),
 				klog.AString("dbname", strconv.Itoa(s.dbname)),
 			)
 		} else {
 			s.log.Info(ctx, "Closed kvstore connection",
 				klog.AString("addr", s.addr),
+				klog.AString("username", client.auth.Username),
 				klog.AString("dbname", strconv.Itoa(s.dbname)),
 			)
 		}

diff --git a/service/objstore/objstore.go b/service/objstore/objstore.go
@@ -35,7 +35,6 @@ type (
 	Service struct {
 		lc         *lifecycle.Lifecycle[objstoreClient]
 		clientname string
-		auth       minioauth
 		addr       string
 		sslmode    bool
 		location   string
@@ -188,13 +187,13 @@ func (s *Service) handlePing(ctx context.Context, m *lifecycle.Manager[objstoreC
 	if s.hbfailed < s.hbmaxfail {
 		s.log.WarnErr(ctx, kerrors.WithMsg(err, "Failed to ping objstore"),
 			klog.AString("addr", s.addr),
-			klog.AString("username", s.auth.Username),
+			klog.AString("username", client.auth.Username),
 		)
 		return
 	}
 	s.log.Err(ctx, kerrors.WithMsg(err, "Failed max pings to objstore"),
 		klog.AString("addr", s.addr),
-		klog.AString("username", s.auth.Username),
+		klog.AString("username", client.auth.Username),
 	)
 	s.hbfailed = 0
 	// first invalidate cached secret in order to ensure that construct client
@@ -243,7 +242,7 @@ func (s *Service) handleGetClient(ctx context.Context, m *lifecycle.Manager[objs
 
 	s.log.Info(ctx, "Established connection to objstore",
 		klog.AString("addr", s.addr),
-		klog.AString("username", s.auth.Username),
+		klog.AString("username", auth.Username),
 	)
 
 	client := &objstoreClient{

diff --git a/service/pubsub/pubsub.go b/service/pubsub/pubsub.go
@@ -43,7 +43,6 @@ type (
 	Service struct {
 		lc         *lifecycle.Lifecycle[pubsubClient]
 		clientname string
-		auth       natsauth
 		addr       string
 		config     governor.SecretReader
 		log        *klog.LevelLogger
@@ -197,7 +196,7 @@ func (s *Service) handleGetClient(ctx context.Context, m *lifecycle.Manager[pubs
 		if secret.Password == "" {
 			return client, kerrors.WithKind(nil, governor.ErrInvalidConfig, "Empty auth")
 		}
-		if secret == s.auth {
+		if secret == client.auth {
 			return client, nil
 		}
 	}